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In the Claims: 

I. -9. (Cancelled) 

1 0. (Currently Amended) A method for maintaining secure network connections, the method 
comprising: 

duplicating, at a third network element, a security association associated with a secure 
network connection between a first network element and a second network element, wherein a 
lookup of the security association associated with the secure network connection is not 
dependent on any destination address; and 

in response to detecting failure of the second network element, replacing the second 
network element with the third network element in the secure network connection with the first 
network element, wherein the secure network connection between the first network element and 
the third network element is based on the duplicated security association ; and 

sending at least one secure message from the third network element to the first network 
element to notify the first network element that the secure network connection will be taken over 
by the third network element . 

II. (Cancelled) 

12. (Previously Presented) A method for maintaining secure network connections, the 
method comprising: 

configuring a plurality of security gateways such that a lookup of security associations is 
not dependent on any destination address; 

sharing a security association among the plurality of security gateways; 

a first of the security gateways detecting failure of a second of the security gateways 
involved in a secure connection with a network device, wherein the secure network connection is 
associated with the security association; and 

in response to detecting the failure, the first security gateway sending a message to the 
network device that the first security gateway is taking over the secure network connection. 
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13. (Cancelled) 

14. (Previously Presented) The first security server according to claim 22, wherein a lookup 
of security associations is not dependent on any destination address. 

15. -16. (Cancelled) 

17. (Previously Presented) The first security server according to claim 22, wherein 
communications between the mobile client and the first security server are based on a security 
architecture for the internet protocol (IPsec). 

18. -19. (Cancelled) 

20. (Previously Presented) The method of claim 1 0, further comprising: 

during life of the secure network connection between the first and second network 
elements, the third network element receiving information relating to the security association of 
the secure network connection from the second network element. 

21 . (Previously Presented) The method of claim 20, wherein the first network element is a 
mobile client, and the second and third network elements are security servers. 

22. (Previously Presented) A first security server comprising: 

a transceiver to receive information relating to at least one security association of a secure 
network connection between a mobile client and a second security server; and 
a processor module to: 

monitor operation of the second security server; 

in response to detecting failure of the second security server, send a message to 
the mobile client that the first security server is taking over the secure network 
connection; and 
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communicate with the mobile client using the at least one security association 
over the secure network connection between the first security server and the mobile 
client. 

23. (Previously Presented) The method of claim 10, wherein the first network element is a 
mobile client, and the second and third network elements are security servers. 

24. (Previously Presented) The first security server of claim 22, wherein information relating 
to the at least one security association is duplicated at the first and second security servers. 

25. (Previously Presented) The method of claim 12, wherein sharing the security association 
comprises sharing an IPsec security association among the plurality of security gateways. 

26. (Cancelled) 

27. (Previously Presented) The method of claim 10, further comprising: 

after replacing the second network element within the third network element in the secure 
network connection, the third network element communicating with the first network element 
without the third network element re-establishing another connection with the first network 
element. 

28. (Previously Presented) The first security server of claim 22, wherein the processor 
module is configured to communicate with the mobile client after taking over the secure network 
connection without re-establishing a new connection. 
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